<?php
require_once '../libs/app.config.php';
require_once(INCLUDE_PATH.'template.inc.php');  //模板类及对象$tpl的加载

session_start();
$login    = new Userlogin($tpm,$tpl);

//正则表达式，如果含有（`''= ）字符则登录失败。
$regex    = "/[`''= ]/";
if(preg_match($regex,$_POST['username'])){
	echo "<script type='text/javascript'>location=('display.php?login=1');</script>";
	exit();
}
//判断验证码
if(strtoupper($_POST['verifycode'])==$_SESSION['login_check_number']){

$pwd      = md5($password);
$sql      = "select * from `admin_user` where `admin_name`='".$username."' and `password`='".$pwd."'";
$login->user($sql);
}
else{

	refreshto($tpl,'login.php','Verification code is incorrect！');
}

?>